Squid3 problems
-
Where to start…
I have set up a pfsense box at work to support the tech and the sales.... We were using a single TP-Link router everyone had full access to everything.
We have comcast business 35 down and 5 up, running a fresh install of pfsense and only essentials configured to make internet work and keep sales from entering the tech subnet I can get the full speed from our provider.
My problem comes in when I add Squid3, Everything runs great for 6 hours or more. Then sometime throughout the day my speeds drop 5 down 1 up. If I check system activity it shows swap is untouched but almost 4gb of memory is used.
current set up is:
2.1-BETA0 (amd64)
built on Fri Oct 12 09:44:16 EDT 2012
FreeBSD 8.3-RELEASE-p4Squid3 (latest from packages manager)
Intel(R) Core(TM)2 CPU 6300 @ 1.86GHz
4gb memory
500gb hdd seagate something 7200rpmi thinktwo intel cards (WAN/LAN tech) and onboard realtek (sales)
nmbclusters set to 32768
vfs.read=128
squid:
cache:8000mb
largest object:600mb
memory_cache: 512mb
largest_object: 10mbI can't remember if there is anything else that is important that I might have changed.
Why do my speeds drop so bad? Any help is appreciated!
Thanks, Josh
P.s. if I forgot something or you just want to know more of something, run a test or what not let me know I will be glad to do it! -
did you enabled soft updates on /usr during install to improve disk performance?
-
I appreciate the reply! Sorry it took me so long to get back to you I've been sick all weekend.
Back on topic.. I don't remember seeing that option but at the time of install i think i choose the easy/quick option. :-\
Is there a way to enable it after its been installed?
Thanks again for the help!
-
Is there a way to enable it after its been installed?
I've tried once but no success. :(
Another option could be a second hard disk for caching and logging.
-
I've tried once but no success. Sad
Sad day…
so if soft updates were enabled I wouldn't be having this issue where my internet slowly stops responding?
If that is the case I may just reinstall pfsense!!! (probably not but the thought did cross my mind) -
Try to set vfs.read_max to 128 on system->advanced->system tunables.
It will increase disk performance on most systems.
-
Try to set vfs.read_max to 128 on system->advanced->system tunables.
It will increase disk performance on most systems.
…Things just got a little more sad...
I've already increased that
@jwhostet:nmbclusters set to 32768
vfs.read=128No big deal. Thanks for all the help! |If I manage to start over fresh again… I'll let you know my results! (things are slow right now, so the possibility is good!) :)
-
did you enabled soft updates on /usr during install to improve disk performance?
One last question… if soft updates were turned on during the install would that have solved my problem with the speed issue I'm having?
-
I do not install any squid/dansguardian/postfix install without it.
I've never tried read_max 128.
-
UPDATE
From a live cd 20121018-0934 64bit I reinstalled pfsense I then made sure everything was working like it was. Everything is good to go no problems.
To make things better I now have soft updates on for /var and /usr:[2.1-BETA0][admin@pfsense.pcd.domain]/root(3): mount
/dev/ad6s1a on / (ufs, local)
devfs on /dev (devfs, local)
/dev/ad6s1d on /var (ufs, local, soft-updates)
/dev/ad6s1e on /usr (ufs, local, soft-updates)
devfs on /var/dhcpd/dev (devfs, local)I have enabled squid and things are not looking so good. :(
After enabling my speeds have dropped dramatically within the first hour of enabling squid.
Same settings as before!What now?! Why is this happening? :(
Any other ideas?
Thanks!
-
Well I spoke to soon seems soft updates might have solved the speed dropping issue. It seems to use almost all 4gb of memory but not complaining too much.
Is it normal to use next to all of the available memory? What if I had other packages that needed to use memory too? ( As of right now I do not but soon I wish to implement others.)
-
Is it normal to use next to all of the available memory? What if I had other packages that needed to use memory too? ( As of right now I do not but soon I wish to implement others.)
yes, It's normal.
You can try to reduce squid memory cache or add more memory to keep a good performance :)
-
:(
well… apparently I spoke too soon again!
Today I get a message saying the internet is got a 2 second ping and 200kb download which is terrible... after removing squid package everything goes back to normal 20ms ping 32mb download.
I'm assuming squid has been running normal and fine because the load on the router was minimal 5 systems hitting the system hard. Whereas today with a couple more technicians I'm assuming more system continually pulling data.
My question now is why is this happening? Is it hardware related? I estimate about 10gb of bandwidth a day is used. Are we accessing so much data that the system can't keep up?
Any help is once again appreciated, hopefully we can get this solved. If you would like to know any hardware specifics or a specific configuration file let me know and I will get you what you need.
Thanks, Josh
-
Is my thread dead? :(
I have a system on the network that I thought might have been causing squid to go crazy and hang draining internet to a stop.
So I added it to the list that are supposed to bypass proxy but it did not help solve the issue.Any body have any ideas?
-
Any body have any ideas?
Can you try to include this on squid.sh startup script after line 4.
Remember to do not save squid config on gui while you test.sysctl kern.ipc.nmbclusters=65536 sysctl kern.ipc.somaxconn=16384 sysctl kern.maxfiles=131072 sysctl kern.maxfilesperproc=104856 sysctl kern.threads.max_threads_per_proc=4096 -
Hey thanks for getting back to me!! :)
sorry I didn't get back sooner, school got kinda hectic on me for a couple days.
I can definitely try to do that!
One question though, how do i not save squid config on gui?Thanks again for the help…. I feel repetitive but I do truly mean it!!!!!
-
One question though, how do i not save squid config on gui?
do not press save on squid gui after changing rc.d file ;)
-
Haha…. Oh that makes sense. Thanks for the help I forgot this went on to a second page Till right now. I'll probably start testing that tomorrow and hope things go well to report back with good news!!
-
Well we are having major ISP issues here at work so it might be a couple days before I can truly test your possible solutions will post back asap with results!
-
Ok :)
